欢迎来到李先生的博客

深山的鹿,不知归处;万般皆苦,只可自渡。
扩大
缩小

Kuberneteser二进制安装与配置(二)

环境:Centos7
版本:Kubernetes v1.11.4
 
一、下载Kubernetes(在所有机器上都要)
 
1)下载
wget https://github.com/kubernetes/kubernetes/releases/download/v1.11.4/kubernetes.tar.gz

 

2)解压
tar -zxvf kubernetes.tar.gz
cd kubernetes
sh cluster/get-kube-binaries.sh

 

3)server目录下会多一个文件
 
解压:进入到bin目录,可以看到很多二进制文件
 
 
二、Master上部署服务etcd、kube-apiserver、kube-controller-manager、kube-schedule服务
 
1、关闭防火墙
yum -y install firewalld
systemctl stop firewalld
systemctl disable firewalld.service

 

2、配置etcd
 
etcd服务作为Kubernetes集群的主数据库,在安装Kubernetes各服务之前需要首先安装和启动
wget https://github.com/coreos/etcd/releases/download/v3.3.2/etcd-v3.3.2-linux-amd64.tar.gz
tar -zxvf cd etcd-v3.3.2-linux-amd64/tar.gz
cd etcd-v3.3.2-linux-amd64/

 

 
把etcd、etcdctl拷贝到/usr/bin目录下,并设置systemd服务文件
cp etcd etcdctl /usr/bin/

 

vim /usr/lib/systemd/system/etcd.service
[Unit]
Description=Etcd Server
After=network.target

[Service]
Type=simple
WorkingDirectory=/var/lib/etcd/
EnvironmentFile=-/etc/etcd/etcd.conf
ExecStart=/usr/bin/etcd

[Install]
WantedBy=multi-user.target

 

加载配置文件并启动
mkdir  /var/lib/etcd
systemctl daemon-reload
systemctl start etcd.service

 

查看etcd是否健康
 
etcdctl cluster-health

 
3、kube-apiserver   
 
vim  /usr/lib/systemd/system/kube-apiserver.service
 
[Unit]
Description=Kubernetes API Server
After=etcd.service
Wants=etcd.service

[Service]
EnvironmentFile=/etc/kubernetes/apiserver
ExecStart=/usr/bin/kube-apiserver       \
                    $KUBE_LOGTOSTDERR   \
                    $KUBE_ETCD_SERVERS  \
                    $KUBE_LOG_LEVEL     \
                    $KUBE_LOG_DIR       \
                    $KUBE_API_ADDRESS   \
                    $KUBE_API_PORT      \
                    $KUBE_SERVICE_ADDRESS \
                    $KUBE_SERVICE_PORT \
                    $KUBE_ADMISSION_CONTROL 
Restart=on-failure
Type=notify
LimitNOFILE=65535

[Install]
WantedBy=multi-user.target

 

配置文件:
 
vim /etc/kubernetes/apiserver
 
 
 
KUBE_ETCD_SERVERS="--etcd-servers=http://127.0.0.1:2379"
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_API_PORT="--insecure-port=8080"
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=169.169.0.0/16"
KUBE_SERVICE_PORT="--service-node-port-range=1-65535" 
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ResourceQuota"
KUBE_LOGTOSTDERR="--logtostderr=false"
KUBE_LOG_DIR="--log-dir=/var/log/kubernetes"
KUBE_LOG_LEVEL="--v=2"

 

--etcd-servers:指定etcd服务的URL
--insecure-bind-address:apiserver绑定主机的非安全IP地址,设置0.0.0.0表示绑定所有IP地址
--insecure-port:apiserver绑定主机的非安全端口号,默认为8080
--service-cluster-ip-range:Kubernetes集群中Service的虚拟IP地址范围,该IP范围不能与物理机的真实IP段有重合
--service-node-ip-range:Kubernetes集群中Service可映射的物理机端口号范围,默认为30000~32767
--admission-control:Kubernetes集群的准入控制设置,各控制模块以插件的形式依次生效
--logtostderr:设置为false表示将日志写入文件,不写入stderr
--log-dir:日志目录
--v:日志级别
 
 
启动并查看其状态:
 
cp kube-apiserver /usr/bin/
systemctl daemon-reload
systemctl start kube-apiserver.service
systemctl status kube-apiserver.service

 

 
4、kube-controller-manager  
kube-controller-manager服务依赖于kube-apiserver
 
vim /usr/lib/systemd/system/kube-controller-manager.service
 
[Unit]
Description=Kubernetes Controller Manager Server
After=kube-apiserver.service
Requires=kube-apiserver.service

[Service]
EnvironmentFile=/etc/kubernetes/controller-manager
ExecStart=/usr/bin/kube-controller-manager      \
                            $KUBE_LOGTOSTDERR   \
                            $KUBE_LOGDIR        \
                            $KUBE_LOG_LEVEL     \
                            $KUBE_MASTER        
Restart=on-failure
LimitNOFILE=65535

[Install]
WantedBy=multi-user.target

 

vim /etc/kubernetes/controller-manager
 
KUBE_MASTER="--master=http://127.0.0.1:8080"
KUBE_LOGTOSTDERR="--logtostderr=false"
KUBE_LOGDIR="--log-dir=/var/log/kubenetes"
KUBE_LOG_LEVEL="--v=2"

 

--master:表示apiserver的URL地址
--logtostderr:设置为false表示将日志写入文件,不写入stderr
--log-dir:日志目录
--v:日志级别
 
启动查看状态:
cp kube-controller-manager /usr/bin/
systemctl start kube-controller-manager.service
systemctl status kube-controller-manager.service

 

5、kube-schedule
kube-schedule服务也依赖于kube-apiserver服务
 
vim /usr/lib/systemd/system/kube-schedule.service
 
[Unit]
Description=Kubernetes Schedule Server
After=kube-apiserver.service
Requires=kube-apiserver.service

[Service]
EnvironmentFile=/etc/kubernetes/schedule
ExecStart=/usr/bin/kube-scheduler \
                            $KUBE_LOGTOSTDERR   \
                            $KUBE_LOGDIR        \
                            $KUBE_LOG_LEVEL     \
                            $KUBE_MASTER

Restart=on-failure
LimitNOFILE=65535

[Install]
WantedBy=multi-user.target

 

vim /etc/kubernetes/schedule
KUBE_MASTER="--master=http://127.0.0.1:8080"
KUBE_LOGTOSTDERR="--logtostderr=false"
KUBE_LOGDIR="--log-dir=/var/log/kubenetes"
KUBE_LOG_LEVEL="--v=2"

 

 
启动、查看状态
cp kube-scheduler /usr/bin/
systemctl daemon-reload
systemctl start kube-schedule.service
systemctl status kube-schedule.service

 

 
三、Node上的Kubelet、kube-proxy服务
 
在node节点上得先安装docker
yum -y remove docker*
yum -y install docker
systemctl start docker

 

1)Kubelet
Kubelet服务依赖于Docker服务
 
vim /usr/lib/systemd/system/kubelet.service
 
[Unit]
Description=Kubernetes Kubelete Server
After=docker.service
Requires=docker.service

[Service]
WorkingDirectory=/var/lib/kubelet
EnvironmentFile=/etc/kubernetes/kubelet
ExecStart=/usr/bin/kubelet \
                      $KUBELET_ADDRESS            \
                      $KUBELET_POD_INFRA_CONTAINER  \
                      $KUBELET_ARGS     \
                      $KUBE_LOGTOSTDERR \
                      $KUBE_LOGDIR \
                      $KUBE_LOG_LEVEL \
                      $KUBE_CGROUPS \
$KUBE_HOSTNAME Restart
=on-failure [Install] WantedBy=multi-user.target

 

vim /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure"
KUBELET_ARGS="--enable-server=true --enable-debugging-handlers=true --fail-swap-on=false --kubeconfig=/etc/kubernetes/config"
KUBE_LOGTOSTDERR="--logtostderr=false"
KUBE_LOGDIR="--log-dir=/var/log/kubenetes"
KUBE_LOG_LEVEL="--v=2"
KUBE_CGROUPS="--runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice"
KUBE_HOSTNAME="--hostname-override=node1"

 

vim /etc/kubernetes/config
apiVersion: v1
kind: Config
users:
- name: kubelet
clusters:
- name: kubernetes
  cluster:
    server: http://172.29.1.165:8080
contexts:
- context:
    cluster: kubernetes
    user: kubelet
  name: service-account-context
current-context: service-account-context

 

mkdir /var/lib/kubelet
cp kubelet /usr/bin/
systemctl daemon-reload
systemctl start kubelet.service
systemctl status kubelet.service

 

这里启动kubelet可能会报错:

failed to run Kubelet: failed to create kubelet: misconfiguration: kubelet cgroup driver: "cgroupfs" is different from docker cgroup driver: "systemd"
 
解决办法:
vim /lib/systemd/system/docker.service
--exec-opt native.cgroupdriver=systemd  修改成  --exec-opt native.cgroupdriver=cgroupfs

 

2、kube-proxy
 
vim /usr/lib/systemd/system/kube-proxy.service
[Unit]
Description=Kubernetes Kubelete Server
After=network.service
Requires=network.service

[Service]
EnvironmentFile=/etc/kubernetes/proxy
ExecStart=/usr/bin/kube-proxy \
                            $KUBE_LOGTOSTDERR   \
                            $KUBE_LOGDIR        \
                            $KUBE_LOG_LEVEL     \
                            $KUBE_MASTER
Restart=on-failure
LimitNOFILE=65535

[Install]
WantedBy=multi-user.target

 

vim /etc/kubernetes/proxy
KUBE_MASTER="--master=http://172.29.1.165:8080"
KUBE_LOGTOSTDERR="--logtostderr=false"
KUBE_LOGDIR="--log-dir=/var/log/kubenetes"
KUBE_LOG_LEVEL="--v=2"

 

cp kube-proxy /usr/bin/
systemctl daemon-reload
systemctl start kube-proxy.service
systemctl status kube-proxy.service

 

 
四、验证
 
在master上查看组件状态:
 
 
cp kubectl /usr/bin/
kubectl get cs

 

 
 
在master上查看nodes,看nodes是否在master上注册
 
 
 kubectl get nodes

 

posted on 2018-11-16 16:18  Captain_Li  阅读(720)  评论(0编辑  收藏

导航