k8s 部署
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repoyum clean all yum makecache
yum -y updatek8s 安装
时间同步安装yum -y install chrony
启动systemctl start chronyd && systemctl enable chronyd
检测chronyc sources
查看date
修改主机名称hostnamectl set-hostname master
编辑文件 ip映射主机名vi /etc/hosts
192.168.1.20 master
192.168.1.21 node1
192.168.1.22 node2
配置master配置ssh免密登入。
ssh-keygen -t rsa
进入 ssh 目录
cd .ssh
查看公钥
cat id_rsa.pub
在master中执行以下命令,对node1和node2进行免密登录,需要把master的公钥放到node1和node2的authorized_keys文件里
ssh-copy-id node1 ssh-copy-id node2
关闭防火墙
如有firewalld服务或iptables规则关闭各节点iptables和firewalld服务systemctl stop firewalld && systemctl disable firewalldiptables -F
永久关闭vi /etc/sysconfig/selinux 中改SELINUX=disabled
禁用Swap设备
临时禁用swapoff -a
永久禁用
vi /etc/fstab #注释dev/mapper/centos-swap swap
检查free
打开iptables桥接功能及路由转发 各节点开启桥接。
查看sysctl -a |grep bridge
开启modprobe br_netfilter
cat >> /etc/sysctl.d/k8s.conf << EOFnet.bridge.bridge-nf-call-iptables = 1net.bridge.bridge-nf-call-ip6tables = 1EOF
sysctl -p /etc/sysctl.d/k8s.conf
各节点开启转发。echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.confcat /etc/sysctl.conf |grep ip_forwardsysctl -p
部署dockerwget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repoyum -y install docker-ce-19.03.13systemctl enable docker && systemctl start dockerdocker --version
查看原yum list docker-ce --showduplicates | sort -r
查询安装过的包yum list installed | grep docker
部署kubernetes
获取yum。cat > /etc/yum.repos.d/kubernetes.repo << EOF[kubernetes]name=Kubernetesbaseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64enabled=1gpgcheck=1repo_gpgcheck=0gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOF
安装 k8syum -y install kubelet-1.19.4 kubectl-1.19.4 kubeadm-1.19.4
开机启动systemctl enable kubelet
查看安装yum list installed | grep kubelet
配置Master节点初始化kubeadm init \--apiserver-advertise-address=192.168.1.20 \--image-repository registry.aliyuncs.com/google_containers \--kubernetes-version v1.19.4 \--service-cidr=10.96.0.0/12 \--pod-network-cidr=10.244.0.0/16
查看节点 #报这个错误的话 执行下边命令 The connection to the server 192.168.1.20:6443 was refused - did you specify the right host or port?
kubectl get nodes
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profilesource ~/.bash_profile
网络插件安装
wget --no-check-certificate https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
删除旧的docker
yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-engine
重启kubelet
systemctl restart kubelet
卸载k8syum remove -y kubelet kubeadm kubectl
kubeadm reset -f
modprobe -r ipiplsmodrm -rf ~/.kube/rm -rf /etc/kubernetes/rm -rf /etc/systemd/system/kubelet.service.drm -rf /etc/systemd/system/kubelet.servicerm -rf /usr/bin/kube*rm -rf /etc/cnirm -rf /opt/cnirm -rf /var/lib/etcdrm -rf /var/etcd
部署nginx
kubectl create deployment nginx --image=nginx
查看pod
kubectl get pod
安装网络工具
yum install net-tools -y
查询端口
netstat -nlpt
查询控制器
kubectl get deployment
kubectl get pod
kubectl get service
暴露nginx
kubectl expose deployment nginx --port=80 --type=NodePort
删除控制器
kubectl delete deployment nginx
删除pod
kubectl delete pod nginx-XXXXX
仪表盘
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml --no-check-certificate
kubectl create -f recommended.yaml
获取token
#创建一个dashboard的管理用户
kubectl create serviceaccount dashboard-admin -n kube-system
#将创建的dashboard用户绑定为管理用户
kubectl create clusterrolebinding dashboard-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
#获取刚刚创建的用户对应的token名称
kubectl get secrets -n kube-system | grep dashboard
#查看token的详细信息
kubectl describe secrets -n kube-system dashboard-admin-token-ghfwf
查看
kubectl get service -A
浙公网安备 33010602011771号