點(diǎn)擊上方藍(lán)色字體，選擇“標(biāo)星公眾號(hào)”

優(yōu)質(zhì)文章，第一時(shí)間送達(dá)

? 作者?|??論精微而朗暢?

來源 |? urlify.cn/f2eeim

一、運(yùn)行環(huán)境

Centos 7.7
虛擬機(jī)內(nèi)核為 3.10
基礎(chǔ)組件版本：
k8s.gcr.io/kube-apiserver:v1.16.0
k8s.gcr.io/kube-controller-manager:v1.16.0
k8s.gcr.io/kube-scheduler:v1.16.0

k8s.gcr.io/kube-proxy:v1.16.0

k8s.gcr.io/pause:3.1

k8s.gcr.io/etcd:3.3.15-0

k8s.gcr.io/coredns:1.6.2

hostname	ip	resource	role
hsjry-16-114-128	172.16.114.128	2c2G	master
hsjry-16-114-129	172.16.114.129	2c2G	node1
hsjry-16-114-130	172.16.114.130	2c2G	node2

二、介質(zhì)準(zhǔn)備

需要下載安裝 docker 所需要的依賴和 docker 本身。
需要下載上述組件的鏡像包
準(zhǔn)備 kubeadm kubectl kubelet

?cat?>?/etc/yum.repos.d/kubernetes.repo?<[kubernetes]
name=Kubernetes?Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
enabled=1
EOF
yum?list?kubeadm?--showduplicates
yum?remove?kubectl?kubeadm?kubelet
yum?-y?install?kubectl-1.16.0-0?kubeadm-1.16.0-0?kubelet-1.16.0-0

三、安裝 docker

1.殘余卸載

安裝之前先將原有的

yum?remove?docker?\
??????????????????docker-client?\
??????????????????docker-client-latest?\
??????????????????docker-common?\
??????????????????docker-latest?\
??????????????????docker-latest-logrotate?\
??????????????????docker-logrotate?\
??????????????????docker-selinux?\
??????????????????docker-engine-selinux?\
??????????????????docker-engine
rm?-rf?/etc/systemd/system/docker.service.d
rm?-rf?/var/lib/docker
rm?-rf?/var/run/docker

2.前期準(zhǔn)備

#?關(guān)閉防火墻
systemctl?stop?firewalld?&&?systemctl?disable?firewalld
iptables?-F?&&?iptables?-X?&&?iptables?-F?-t?nat?&&?iptables?-X?-t?nat?&&?iptables?-P?FORWARD?ACCEPT
#?關(guān)閉?SELinux
setenforce?0
sed?-i?"s/SELINUX=enforcing/SELINUX=disabled/g"?/etc/selinux/config
#?關(guān)閉?swapoff
swapoff?-a
sed?-i?'/?swap?/?s/^\(.*\)$/#\1/g'?/etc/fstab

3.rpm 安裝 docker

rpm?-ivh?*.rpm?--nodeps?--force

4.收尾設(shè)置

這里的資源管理方式采用 systemd（可自行根據(jù)情況選擇）

systemctl?enable?docker
systemctl?start?docker
cat?<>?/etc/docker/daemon.json?
{
??"exec-opts":?["native.cgroupdriver=systemd"],
??"insecure-registries":?["0.0.0.0/0"]
}
EOF
systemctl?restart?docker

四、安裝 kubernetes

1.前期配置

這個(gè)階段的內(nèi)容需要在各個(gè)節(jié)點(diǎn)上執(zhí)行

base_dir=./k8s
#?加載內(nèi)核參數(shù)
modprobe?--?ip_vs
modprobe?--?ip_vs_rr
modprobe?--?ip_vs_wrr
modprobe?--?ip_vs_sh
if?[[?$(uname?-r?|cut?-d?.?-f1)?-ge?4?&&?$(uname?-r?|cut?-d?.?-f2)?-ge?19?]];?then
??modprobe?--?nf_conntrack
else
??modprobe?--?nf_conntrack_ipv4
fi

cat?<??/etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables?=?1
net.bridge.bridge-nf-call-iptables?=?1
EOF
#?立即生效
sysctl?--system
sysctl?-w?net.ipv4.ip_forward=1
systemctl?stop?firewalld?&&?systemctl?disable?firewalld
swapoff?-a?||?true
setenforce?0?||?true

#?這里是將下載好的直接?cp,也可選擇?rpm?安裝的方式
chmod?a+x?$base_dir/bin/*
cp?$base_dir/bin/*?/usr/bin
cp?$base_dir/conf/kubelet.service?/etc/systemd/system/
mkdir?/etc/systemd/system/kubelet.service.d
cp?$base_dir/conf/10-kubeadm.conf?/etc/systemd/system/kubelet.service.d/

#?獲取?docker?的?cgroupDriver
cgroupDriver=$(docker?info|grep?Cg)
driver=${cgroupDriver##*:?}
echo?"driver?is?${driver}"

mkdir?-p?/var/lib/kubelet/?||?true
#?聲明?kubelete?的配置內(nèi)容
cat?<?/var/lib/kubelet/config.yaml
address:?0.0.0.0
apiVersion:?kubelet.config.k8s.io/v1beta1
authentication:
??anonymous:
????enabled:?false
??webhook:
????cacheTTL:?2m0s
????enabled:?true
??x509:
????clientCAFile:?/etc/kubernetes/pki/ca.crt
authorization:
??mode:?Webhook
??webhook:
????cacheAuthorizedTTL:?5m0s
????cacheUnauthorizedTTL:?30s
cgroupDriver:?${driver}
cgroupsPerQOS:?true
clusterDNS:
-?10.96.0.10
clusterDomain:?cluster.local
configMapAndSecretChangeDetectionStrategy:?Watch
containerLogMaxFiles:?5
containerLogMaxSize:?10Mi
contentType:?application/vnd.kubernetes.protobuf
cpuCFSQuota:?true
cpuCFSQuotaPeriod:?100ms
cpuManagerPolicy:?none
cpuManagerReconcilePeriod:?10s
enableControllerAttachDetach:?true
enableDebuggingHandlers:?true
enforceNodeAllocatable:
-?pods
eventBurst:?10
eventRecordQPS:?5
evictionHard:
??imagefs.available:?15%
??memory.available:?100Mi
??nodefs.available:?10%
??nodefs.inodesFree:?5%
evictionPressureTransitionPeriod:?5m0s
failSwapOn:?true
fileCheckFrequency:?20s
hairpinMode:?promiscuous-bridge
healthzBindAddress:?127.0.0.1
healthzPort:?10248
httpCheckFrequency:?20s
imageGCHighThresholdPercent:?85
imageGCLowThresholdPercent:?80
imageMinimumGCAge:?2m0s
iptablesDropBit:?15
iptablesMasqueradeBit:?14
kind:?KubeletConfiguration
kubeAPIBurst:?10
kubeAPIQPS:?5
makeIPTablesUtilChains:?true
maxOpenFiles:?1000000
maxPods:?110
nodeLeaseDurationSeconds:?40
nodeStatusUpdateFrequency:?10s
oomScoreAdj:?-999
podPidsLimit:?-1
port:?10250
registryBurst:?10
registryPullQPS:?5
resolvConf:?/etc/resolv.conf
rotateCertificates:?true
runtimeRequestTimeout:?2m0s
serializeImagePulls:?true
staticPodPath:?/etc/kubernetes/manifests
streamingConnectionIdleTimeout:?4h0m0s
syncFrequency:?1m0s
volumeStatsAggPeriod:?1m0s
EOF
#?加載鏡像包
docker?load?-i?$base_dir/images/images.tar.gz?||?true

systemctl?enable?kubelet

2.初始化 master

本次通過 kubeadm 的方式初始化 master 節(jié)點(diǎn)

base_dir=./k8s
kubeadm?init?--config?$base_dir/conf/kubeadm.yaml
mkdir?~/.kube
cp?/etc/kubernetes/admin.conf?~/.kube/config
kubectl?taint?nodes?--all?node-role.kubernetes.io/master-
kubectl?apply?-f?$base_dir/conf/kube-flannel.yaml
sleep?5
kubectl?apply?-f?$base_dir/conf/traefik-config.yaml

這里結(jié)束后會(huì)輸出一個(gè)命令，需要 cp 這個(gè)命令到 node 節(jié)點(diǎn)上敲下，就可以加入master 了

3.初始化 node

#?需執(zhí)行上述?1?的內(nèi)容
#?通過?kubeadm?create?token?創(chuàng)建的?token?，過期時(shí)間是24小時(shí)，這就是為什么過了一天無法再次使用之前記錄的?kube?join?原生腳本的原因，也可以運(yùn)行?kubeadm?token?create?--ttl?0生成一個(gè)永不過期的?token，

4.驗(yàn)證

到 master 節(jié)點(diǎn)上敲 kubectl get nodes 就可以看到這個(gè)集群的信息咯

五、安裝 ingress

這里采用 traefix 來作為服務(wù)暴露的方式。
kubectl apply -f $base_dir/conf/traefik-config.yaml

六、附件

github：

https://github.com/ankuo/k8s-install

粉絲福利：108本java從入門到大神精選電子書領(lǐng)取

???

?長(zhǎng)按上方鋒哥微信二維碼?2 秒
備注「1234」即可獲取資料以及
可以進(jìn)入java1234官方微信群

感謝點(diǎn)贊支持下哈?

k8s Docker 安裝

一、運(yùn)行環(huán)境

二、介質(zhì)準(zhǔn)備