http://blog.csdn.net/zjysource/article/details/52086835
mast节点
yum-config-manager --add-repo https://docs.docker.com/v1.13/engine/installation/linux/repo_files/centos/docker.repo
yum makecache fast
yum -y install docker-engine-1.13.1
yum install epel-release -y
yum remove -y docker-engine*
yum install -y kubernetes etcd docker flannel
修改配置文件
/etc/etcd/etcd.conf
sed -i "s/localhost:2379/192.168.1.107:2379/g" /etc/etcd/etcd.conf
sed -i "s/localhost:2380/192.168.1.107:2380/g" /etc/etcd/etcd.conf
sed -i "s/192.168.1.107:2379/192.168.1.107:2379,http:\/\/127.0.0.1:2379/g" /etc/etcd/etcd.conf
/etc/kubernetes/apiserver
sed -i "s/127.0.0.1:2379/192.168.1.107:2379/g" /etc/kubernetes/apiserver
sed -i "s/--insecure-bind-address=127.0.0.1/--insecure-bind-address=0.0.0.0/g" /etc/kubernetes/apiserver
sed -i "s/--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota/--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota/g" /etc/kubernetes/apiserver
/etc/kubernetes/kubelet
sed -i "s/--hostname-override=127.0.0.1/--hostname-override=192.168.1.107/g" /etc/kubernetes/kubelet
sed -i "s/127.0.0.1:8080/192.168.1.107:8080/g" /etc/kubernetes/kubelet
sed -i "s/--address=127.0.0.1/--address=0.0.0.0/g" /etc/kubernetes/kubelet
/etc/kubernetes/config
sed -i "s/127.0.0.1:8080/192.168.1.107:8080/g" /etc/kubernetes/config
/etc/sysconfig/flanneld
sed -i "s/127.0.0.1:2379/192.168.1.107:2379/g" /etc/sysconfig/flanneld
第一个demo
编写文件a.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: my-app
spec:
replicas: 2
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-app
image: registry.alauda.cn/yubang/paas_base_test
ports:
- containerPort: 80
command: ["/bin/bash", "/var/start.sh"]
resources:
limits:
cpu: 0.5
memory: 64Mi
创建服务
kubectl create -f a.yaml --validate
删除服务
kubectl delete -f a.yaml
增加子节点
安装软件
yum-config-manager --add-repo https://docs.docker.com/v1.13/engine/installation/linux/repo_files/centos/docker.repo
yum makecache fast
yum -y install docker-engine-1.13.1
yum install epel-release -y
yum remove -y docker-engine*
yum install -y kubernetes docker flannel
修改配置文件(10.135.163.237为主节点ip,139.199.0.29为当前节点ip)
sed -i "s/--hostname-override=127.0.0.1/--hostname-override=139.199.0.29/g" /etc/kubernetes/kubelet
sed -i "s/127.0.0.1:8080/10.135.163.237:8080/g" /etc/kubernetes/kubelet
sed -i "s/--address=127.0.0.1/--address=0.0.0.0/g" /etc/kubernetes/kubelet
sed -i "s/127.0.0.1:8080/10.135.163.237:8080/g" /etc/kubernetes/config
sed -i "s/127.0.0.1:2379/10.135.163.237:2379/g" /etc/sysconfig/flanneld
sed -i "s/--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota/--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota/g" /etc/kubernetes/apiserver
启动服务
service docker start
for SERVICES in kube-proxy kubelet docker flanneld; do
systemctl restart $SERVICES
systemctl enable $SERVICES
systemctl status $SERVICES
done;
在主服务器查看节点
kubectl get node
重启服务(重新加入集群)
systemctl restart kube-apiserver.service
删除节点
kubectl delete node 节点ip
Docker私有库搭建
1. vim /etc/pki/tls/openssl.cnf
[ v3_ca ]
subjectAltName = IP:192.168.1.108 私有仓库地址
然后使用openssl命令在当前的certs目录下创建了一个自签名的证书:
# mkdir -p certs && openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt
在证书的创建过程中,会询问国家、省分、城市、组织、部门和common name的信息,其中common name信息我填写的是主机的IP 192.168.169.125. 证书创建完毕后,在certs目录下出现了两个文件:证书文件domain.crt和私钥文件domain.key
在192.168.1.108上安装docker
# yum -y install docker
将前面生成的domain.crt文件复制到/etc/docker/certs.d/192.168.1.108:5000目录下,然后重启docker进程:
# mkdir -p /etc/docker/certs.d/192.168.1.108:5000
# cp certs/domain.crt /etc/docker/certs.d/192.168.1.108:5000/ca.crt
# systemctl restart docker
至此,Docker私有库搭建完成。
Kubernetes Web UI搭建 Dashboard部署
参考:http://blog.csdn.net/shenshouer/article/details/52957015
http://www.bubuko.com/infodetail-2242562.html
http://blog.csdn.net/wenwst/article/details/54410012
我事先下载了镜像文件并使用docker load命令加载镜像:
# docker load < kubernetes-dashboard-amd64_v1.1.0.tar.gz
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry 2 c6c14b3960bd 3 days ago 33.28 MB
ubuntu latest 42118e3df429 9 days ago 124.8 MB
hello-world latest c54a2cc56cbb 4 weeks ago 1.848 kB
172.28.80.11:5000/kubernetes-dashboard-amd64 v1.1.0 20b7531358be 5 weeks ago 58.52 MB
registry 2 8ff6a4aae657 7 weeks ago 171.5 MB
# docker tag 20b7531358be 192.168.1.108:5000/kubernetes-dashboard-amd64
# docker push 192.168.1.108:5000/kubernetes-dashboard-amd64
从Kubernetes官网获取了kubernetes-dashboard的配置文件https://rawgit.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml,对其进行编辑如下:
# Copyright 2015 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Configuration to deploy release version of the Dashboard UI.
#
# Example usage: kubectl create -f <this_file>
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
labels:
app: kubernetes-dashboard
version: v1.1.0
name: kubernetes-dashboard
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app: kubernetes-dashboard
template:
metadata:
labels:
app: kubernetes-dashboard
spec:
containers:
- name: kubernetes-dashboard
image: 192.168.169.125:5000/kubernetes-dashboard-amd64
imagePullPolicy: Always
ports:
- containerPort: 9090
protocol: TCP
args:
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
- --apiserver-host=192.168.169.120:8080
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
---
kind: Service
apiVersion: v1
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
type: NodePort
ports:
- port: 80
targetPort: 9090
selector:
app: kubernetes-dashboard
——————————————————————————————————————————————————————————————————————————————————————————————————————————
尤其要注意:1 创建的Pods所要拉取的镜像是Docker私有库的192.168.169.125:5000/kubernetes-dashboard-adm64; 2 apiserver-host参数是192.168.169.120:8080,即Kubernetes Master节点的aipserver服务地址。
修改完kubernetes-dashboard.yaml后保存到Kubernetes Master节点192.168.169.120节点上,在该节点上用kubectl create命令创建kubernetes-dashboard:
# kubectl create -f kubernetes-dashboard.yaml
创建完成后,查看Pods和Service的详细信息:
# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
default nginx 1/1 Running 0 3h
kube-system kubernetes-dashboard-4164430742-lqhcg 1/1 Running 0 2h
# kubectl describe pods/kubernetes-dashboard-4164430742-lqhcg --namespace="kube-system"
Name: kubernetes-dashboard-4164430742-lqhcg
Namespace: kube-system
Node: 192.168.169.124/192.168.169.124
Start Time: Mon, 01 Aug 2016 16:12:02 +0800
Labels: app=kubernetes-dashboard,pod-template-hash=4164430742
Status: Running
IP: 172.17.17.3
Controllers: ReplicaSet/kubernetes-dashboard-4164430742
Containers:
kubernetes-dashboard:
Container ID: docker://40ab377c5b8a333487f251547e5de51af63570c31f9ba05fe3030a02cbb3660c
Image: 192.168.169.125:5000/kubernetes-dashboard-amd64
Image ID: docker://sha256:20b7531358be693a34eafdedee2954f381a95db469457667afd4ceeb7146cd1f
Port: 9090/TCP
Args:
--apiserver-host=192.168.169.120:8080
QoS Tier:
cpu: BestEffort
memory: BestEffort
State: Running
Started: Mon, 01 Aug 2016 16:12:03 +0800
Ready: True
Restart Count: 0
Liveness: http-get http://:9090/ delay=30s timeout=30s period=10s #success=1 #failure=3
Environment Variables:
Conditions:
Type Status
Ready True
No volumes.
No events.
# kubectl describe service/kubernetes-dashboard --namespace="kube-system"
Name: kubernetes-dashboard
Namespace: kube-system
Labels: app=kubernetes-dashboard
Selector: app=kubernetes-dashboard
Type: NodePort
IP: 10.254.213.209
Port: <unset> 80/TCP
NodePort: <unset> 31482/TCP
Endpoints: 172.17.17.3:9090
Session Affinity: None
No events.
从kubernetes-dashboard的service详细信息可以看到,该service绑定到了Node节点的31482端口上。现在,通过浏览器访问该端口就能看到Kubernetes的Web UI:
http://nodeIP:31482
浙公网安备 33010602011771号